Report - go.goodlifestylenews.com/bidenbucks06/741682c1082800f73856ceda30099bbe/55/leadsource/2551/1610/f932daa7f6071a68315d39ab4ad6bf98/mpmta

Report Overview

Submitted URL
go.goodlifestylenews.com/bidenbucks06/741682c1082800f73856ceda30099bbe/55/leadsource/2551/1610/f932daa7f6071a68315d39ab4ad6bf98/mpmta
IP
172.67.172.49
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-16 04:26:06
Access
public
Website Title
Beware “Biden Bucks”
Final URL
pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-04-15	676 B	1.8 kB	54.230.218.11
pro.paradigm-press.info	unknown	2019-02-19	2019-03-28	2024-04-13	545 B	847 B	192.135.136.169
browser.sentry-cdn.com	4393	2018-05-30	2018-07-13	2024-04-15	479 B	26 kB	151.101.130.217
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-15	443 B	35 kB	172.217.21.170
p.typekit.net	620	2010-08-02	2012-05-23	2024-04-15	493 B	338 B	23.33.119.26
distillery.wistia.com	6708	2007-03-18	2012-09-30	2024-04-15	499 B	410 B	54.230.111.90
o1147369.ingest.sentry.io	unknown	2012-04-07	2023-04-01	2024-04-13	657 B	558 B	34.120.195.249
470kwc1.com	unknown	2019-05-03	2020-04-29	2024-04-13	956 B	1.2 kB	3.141.116.230
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-04-15	6.3 kB	3.1 kB	216.239.32.36
cdn.getblueshift.com	12716	2014-03-09	2016-09-19	2024-04-12	419 B	3.4 kB	54.230.111.60
pro.paradigmnewsletters.org	unknown	2018-12-12	2019-06-06	2024-04-13	2.8 kB	13 kB	161.129.26.18
fast.wistia.com	5153	2007-03-18	2012-07-04	2024-04-15	3.7 kB	297 kB	151.101.194.132
d2z65klgtz99km.cloudfront.net	unknown	2008-04-25	2021-03-17	2024-04-13	988 B	2.4 MB	54.230.241.82
paradigmpressgroup.com	unknown	2022-05-20	2022-07-18	2024-04-14	915 B	4.2 kB	44.210.42.183
pipedream.wistia.com	6958	2007-03-18	2017-01-30	2024-04-15	1.1 kB	914 B	143.204.55.98
go.goodlifestylenews.com	unknown	2020-07-10	2022-06-02	2024-04-14	864 B	1.7 kB	104.21.30.61
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-15	8.2 kB	525 kB	142.250.74.168
s.yimg.com	375	1997-05-14	2012-05-21	2024-04-14	3.5 kB	32 kB	188.125.94.204
www.google.no	25607	2001-02-26	2016-04-05	2024-04-15	603 B	578 B	172.217.21.163
embed-cloudfront.wistia.com	unknown	2007-03-18	2022-11-08	2024-04-15	1.6 kB	645 kB	143.204.55.63
api.getblueshift.com	9346	2014-03-09	2014-05-10	2024-04-15	726 B	339 B	54.187.159.246
verifiedwebpage.com	unknown	2022-03-23	2022-03-23	2024-04-15	616 B	1.0 kB	104.18.21.187
use.typekit.net	494	2010-08-02	2012-07-05	2024-04-15	2.2 kB	72 kB	23.33.119.67

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	goodlifestylenews.com	Sinkholed
2024-04-16	medium	goodlifestylenews.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (33)

	URL	Size	First Seen	Last Seen
	s.yimg.com/wi/ytc.js	18 kB	2023-06-26	2024-04-29
Pretty URL s.yimg.com/wi/ytc.js IP 188.125.94.204 ASN #10310 YAHOO-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-26 11:33:35 Last Seen2024-04-29 16:51:46 Times Seen12723 Hash 5c6ed25dce803fd84288922b8928409e 3ccc10546ae12f160bacac1e9e422af091ea4a41 480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91 Loading...

	pro.paradigmnewsletters.org/p/Scripts/HideContent.js	721 B	2023-03-09	2024-04-27
Pretty URL pro.paradigmnewsletters.org/p/Scripts/HideContent.js IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56:16 Last Seen2024-04-27 04:17:32 Times Seen709 Hash 624fa8179cc49ca9e80737453a6b3367 226693fb4119bc204e4dd3b8d36da8587fd00bb0 809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac Loading...

	cdn.getblueshift.com/blueshift.js	6.6 kB	2024-01-24	2024-04-27
Pretty URL cdn.getblueshift.com/blueshift.js IP 54.230.111.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-24 10:38:48 Last Seen2024-04-27 04:17:32 Times Seen651 Hash e70a08bd9e7ef156c1673f55ed87aa85 9dfa4cf582654332eb4e1ada9843594ca64bb0d2 a97c4e09767a155128f03c8a72efccc7d8e38e2e8e78daf14c8e5beaf72ff1a5 Loading...

	pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/sandbox%20eval%20code	147 B	2023-04-11	2024-04-29
Pretty URL pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-29 18:54:33 Times Seen343199 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtm.js?id=GTM-P95MDDF	462 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-P95MDDF IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 06:26:08 Last Seen2024-04-16 06:26:09 Times Seen2 Hash bb05b125b4e33b5eca97e750c699cfab c337eba128b30e351e797fee3ebaab499319b4a7 751f8ef1956f29214c25db52835b2de7b62d95887df619a3be2edcedda461589 Loading...

	www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C	265 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 06:26:08 Last Seen2024-04-16 06:26:09 Times Seen2 Hash be7635186fa06cf498088967289d2156 82083a27ae8f911011211b3eb6f225608b0c9349 e740d9514bafdf483990b512bd22441a5581b3d0823cd907790586f6be8d4f3a Loading...

	fast.wistia.com/assets/external/allIntegrations.js	23 kB	2024-04-10	2024-04-29
Pretty URL fast.wistia.com/assets/external/allIntegrations.js IP 151.101.194.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 21:40:57 Last Seen2024-04-29 15:13:17 Times Seen174 Hash d5dd13ae4e2cc9dbc4601c4d95143418 13405305698ad9cc7f44a86871fa1c0d057a9bf4 709f139528814cc9d5158ed469a578082a81607df49b40e41a6fb4b240567ecd Loading...

	fast.wistia.com/assets/external/E-v1.js	820 kB	2024-04-16	2024-04-16
Pretty URL fast.wistia.com/assets/external/E-v1.js IP 151.101.194.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 06:26:08 Last Seen2024-04-16 17:11:44 Times Seen19 Hash 3befa2ed80ed1424085c064a7868b567 4e4769fae42626867ca5291571fef2cda4a7a8ed 112643faf5e7b1100514b9a24b7ae6028b94be11b7a4981e523d5e80c910fd22 Loading...

	pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true	39 B	2023-03-10	2024-04-25
Pretty URL pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-25 11:18:22 Times Seen547 Hash af8745eef59c123e59cd4703ea4cc40e 8aab93d5d6e19c3430396e434f734df7699aeda0 419e6fe661d8187589ce9e3f1f2888d3bd1fc5f4af3dc1e6a0321a66c31e1191 Loading...

	pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true	341 B	2023-03-10	2024-04-25
Pretty URL pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-25 11:18:22 Times Seen396 Hash 285bc9b441da8c1fbab42396acae2df3 833ac60111a789824e40a385d2e225c129751bbd 7849138d30558b224e5ccd5847d7ea5767630e220bf7d4e3496e99c5fa02974f Loading...

	pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true	341 B	2023-09-13	2024-04-25
Pretty URL pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-13 02:02:57 Last Seen2024-04-25 11:18:22 Times Seen372 Hash ce1c2dd4d39647e5c7e8a4ded7c7d48a 4f7b2f537cb1a05bd6a7f661fce09d2db271bb38 8a871b5034d221b1a98614580a9a998b0a63ad1bff46c93d65d0ed544c3638fc Loading...

	unknown	469 B	2023-03-10	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-25 11:18:22 Times Seen393 Hash 6bfa85325d17bdaf99d6c48c4539b496 dcab4590a8eeae34b0e63df480f24c1e901800bc 0d293b59ef3ca7a501f575c64a240bc9dbaad8c1c637806793a4a2d8c334a6b9 Loading...

	unknown	469 B	2023-03-10	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-25 11:18:22 Times Seen393 Hash deeaa7c0af6a3a2abc4f6232e0726eaa 82dff020198b4ca13a2e26a4ebc0ad661a66712d e1d46eadd939d65337b58355bbd09d26261a5b2bd05b4802e8d448ee0a937d26 Loading...

	unknown	326 B	2023-03-14	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:28:39 Last Seen2024-04-25 11:18:22 Times Seen402 Hash aedcaf36e4ad85dbf51037318c8ab10c c6210e518ab8eeb0a496b966241caeb1c464516a 5a0af2eeee3dcb3f4e43e4533947d91a74f63d17a73691aac1ad46367989809f Loading...

	pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true	836 B	2023-11-08	2024-04-25
Pretty URL pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 05:21:07 Last Seen2024-04-25 11:18:22 Times Seen352 Hash 4e2e4cbe63ac644606cfa87e76452824 3936c2eb6588579868016076278ccd961760eda0 85c1ef4cc98021ecdbab4fb4016a5a3500c7c47f6a2dd042083947f32ab1fb05 Loading...

	pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true	3.4 kB	2024-01-08	2024-04-16
Pretty URL pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-08 21:22:44 Last Seen2024-04-16 13:56:49 Times Seen22 Hash 264d10934c087bb7909479999a97457e fcdd187953aabbda08ca3eea5f35f37ec06ba7e9 85633b614a0e893152c31059972a7f9f4956580973a8e7029438ab1e535571db Loading...

	fast.wistia.com/assets/external/playPauseLoadingControl.js	83 kB	2024-04-10	2024-04-29
Pretty URL fast.wistia.com/assets/external/playPauseLoadingControl.js IP 151.101.194.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 21:36:41 Last Seen2024-04-29 15:13:17 Times Seen229 Hash 7845f53703880c301c91e55dacfb2730 a91923e2fe5f5a139f65a41682cee83637c636bf 441f641db8dc0a94620a07d59cfdad03e6fd3630fe3af81f82ce80d9d8ac3942 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-29
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-29 18:54:36 Times Seen118855 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true	109 B	2023-03-10	2024-04-17
Pretty URL pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-17 00:57:38 Times Seen79 Hash a39ff14a1a4e88525e34027e8b6e3c94 326c4022114ae9657a770a1ece2546734eba1bd9 30a7e291e69650bfdca1511d9399e2f2c84eca63daae25494678a7e3cf7f5562 Loading...

	fast.wistia.com/assets/external/googleAnalytics4.js	18 kB	2024-04-11	2024-04-19
Pretty URL fast.wistia.com/assets/external/googleAnalytics4.js IP 151.101.194.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 00:54:26 Last Seen2024-04-19 02:41:58 Times Seen66 Hash 6bef00e6a3097beb9029c1485db02022 43a9e765e6e6317e46b182b484170508c60073cf 0dc147d17a8a25eb266f07789362f142286be5205d2e34fee1cf0136cfaad3d4 Loading...

	fast.wistia.com/assets/external/engines/hls_video.js	486 kB	2024-04-10	2024-04-29
Pretty URL fast.wistia.com/assets/external/engines/hls_video.js IP 151.101.194.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 21:36:41 Last Seen2024-04-29 15:13:17 Times Seen208 Hash 0d0944584a2e0b7299c788dfbcc6224b dbafb5834a1553d168e2e61633d9dfb37d29a438 c6c26035fb90773bae20e3accc00fe4bf7368ac9eb802ce0ee066ffb3f89b738 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NKRVP76	416 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NKRVP76 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 06:26:09 Last Seen2024-04-16 06:26:09 Times Seen2 Hash f991748bc532ada5889a71f9f02c3555 afab2d2c6b62e9f62450dd0f797bd8d696ceb3f3 8fa4b210cea5ff85704333b5005d639013d9a023f5b48de92709cd9976ca4cb7 Loading...

	unknown	469 B	2023-03-10	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-25 11:18:22 Times Seen394 Hash 525d0b8417e918e828c73233e2e7b437 98cce5ccb75b57d7a47822a88b159d54bdf05fdd 9dc28f8d48c697f48911cc3ce9ae64edfae072127840572164c90548695e82ca Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-29
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-29 18:54:33 Times Seen342698 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c	265 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 06:26:09 Last Seen2024-04-16 06:26:09 Times Seen2 Hash 459e0ac03c271d99d26d92ff5f8cb4a3 983b8c2cad1d8eb57102ee15c22736f489ad8f9f 808fe6e1ee0f9982ece52677ac524dd8a8f44401a5597e70d106a45b380ab05f Loading...

	browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js	76 kB	2023-03-10	2024-04-17
Pretty URL browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js IP 151.101.130.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:23 Last Seen2024-04-17 00:57:38 Times Seen159 Hash b1a7a1b922a4979ae3414123594bdc9f 7cf9514e86b46e19347ebdb04e686ae9b954b800 4848b910fc25c8ee7e9fa21fd42380399adc16075748f9c29b5290b256256e6c Loading...

	pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true	2.3 kB	2024-04-15	2024-04-25
Pretty URL pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-15 00:54:47 Last Seen2024-04-25 11:18:22 Times Seen32 Hash 78f3038d152f3fb35e4dad2a1e43ebb2 d7e1fbe3a79d9b14aaf7d3c4d2c006b512f988b6 4ddaedebcebea1e406f00f6b83c9960fef92e343295fd73c33d2886df256d221 Loading...

	unknown	1.3 kB	2023-03-10	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-25 11:18:22 Times Seen394 Hash 94d29b65bf770b80ca20ff02e2ba5f41 a4c1ab460dbe34b9672c2745f50e0c792a64d932 2d59b45ab2c9e86e411bdd0f5f9d8bb84b383a197faf372ee4e91a0c9a651b87 Loading...

	unknown	469 B	2023-03-10	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-25 11:18:22 Times Seen393 Hash 1b942598e5ebe0432ae014b008148c5b 63d79dd6f78b6fa3d330d9f70ed48048f2cb9dd8 f91cdf301758a9d6e20bc3455aa0ad44dd54cf784f593aceb2283318c2117f94 Loading...

	pro.paradigmnewsletters.org/p/Scripts/Common.js	2.4 kB	2023-03-09	2024-04-27
Pretty URL pro.paradigmnewsletters.org/p/Scripts/Common.js IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56:16 Last Seen2024-04-27 04:17:33 Times Seen708 Hash ef9b6f612e89926fa10830ad89a7f3b6 faa8fbf56e4834534455c46ba2753118eb554c2e 86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd Loading...

	pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true	2.2 kB	2023-03-10	2024-04-25
Pretty URL pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-25 11:18:22 Times Seen396 Hash e4f3e2e42bacfb36a7847e627e7e8276 5492c5e58d3c3abd4a40f736078f546b450e8085 5b86639a656d86f430a56426ae9ac2c83fe1a5c11d91739037f8b1146f5677b8 Loading...

	unknown	1.3 kB	2024-02-05	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-05 00:22:28 Last Seen2024-04-25 11:18:22 Times Seen135 Hash c14d2737cadb3a0ca008bfa3669bd651 8288b4fcb69ee42fbfbaf0533ad239dd37a971a2 4224a6ccdb4870ef44685b1205c3e52feaa7f902f3a6ff3ee36746772bceedf1 Loading...

	www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c	299 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 06:26:09 Last Seen2024-04-16 06:27:29 Times Seen4 Hash acc437dfea71ba6a56c06153ca1496ee f23064fe9efef3320a918655e01c3f0a9a65f94a 0db5ada01342cdf3fb6cecd361bd09f1fb5857c2f17a69fb68a1e0823415845d Loading...

HTTP Transactions (70)

URL IP Response Size

470kwc1.com/clk.trk?CID=443820&AFID=430135&SID=3415447649292138046

3.141.116.230

302 Found

134 B

URL User Request GET HTTP/2
470kwc1.com/clk.trk?CID=443820&AFID=430135&SID=3415447649292138046
IP
3.141.116.230:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject470kwc1.com
Fingerprint71:DE:CD:1D:C9:7F:26:78:C1:13:CE:8A:81:B9:15:B9:EC:6C:33:DC
ValiditySun, 17 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /clk.trk?CID=443820&AFID=430135&SID=3415447649292138046 HTTP/1.1
Host: 470kwc1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Tue, 16 Apr 2024 04:25:39 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://470kwc1.com:443/clk.trk?CID=443820&AFID=430135&SID=3415447649292138046

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
42f7f592002103f03abbfcdabe0044db
85d40fca7b2704871397400bf612b232990f72a9
4e915ba6e24c3c482ecd1c6ee1b44e0d51c35aa2ebe727b04d5c74d6f2eafba2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 04:25:39 GMT
Server: ECAcc (amb/6AB3)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CAo4lCK0J-PIBU4E_33tcVpIkbEJjzb5AMoGplV_TjEdHOHdAx6Pxg==

470kwc1.com/clk.trk?CID=443820&AFID=430135&SID=3415447649292138046

3.141.116.230

302 Found

216 B

URL User Request GET HTTP/2
470kwc1.com/clk.trk?CID=443820&AFID=430135&SID=3415447649292138046
IP
3.141.116.230:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject470kwc1.com
Fingerprint71:DE:CD:1D:C9:7F:26:78:C1:13:CE:8A:81:B9:15:B9:EC:6C:33:DC
ValiditySun, 17 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
216 B (216 bytes)
Hash
50844a93bee5b3b0bcb0bf08adf79dee
8224075a4f6fbf2c7255a9cc7178bea24476768f
bd6e6ee640816dd0959efe140f75d4fe0450733c6f43376cbc4c11637292fc2b

HTTP Headers

GET /clk.trk?CID=443820&AFID=430135&SID=3415447649292138046 HTTP/1.1
Host: 470kwc1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 16 Apr 2024 04:25:39 GMT
content-type: text/html; charset=utf-8
content-length: 216
location: https://pro.paradigm-press.info/m/2038056?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25
cache-control: private
server: Microsoft-IIS/10.0
p3p: policyref="/p3p/P3P.470kwc1.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
x-aspnet-version: 4.0.30319
set-cookie: LTTC6_443820=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25; expires=Tue, 23-Apr-2024 04:25:39 GMT; path=/; secure; SameSite=None
x-powered-by: ASP.NET
access-control-allow-origin: *
X-Firefox-Spdy: h2

pro.paradigm-press.info/m/2038056?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25

192.135.136.169

301 Moved Permanently

256 B

URL User Request GET HTTP/1.1
pro.paradigm-press.info/m/2038056?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25
IP
192.135.136.169:443
ASN
#11372 14WEST-AS

Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
FingerprintD0:23:A8:B2:78:50:C6:21:FE:9D:C7:7F:E1:47:6F:02:D9:A8:1C:44
ValidityTue, 30 Jan 2024 12:33:08 GMT - Mon, 29 Apr 2024 12:33:07 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
256 B (256 bytes)
Hash
888402d3541d3bef8a1ee1ac3b72d769
c2f39e20bc97f99f27cff65b88aa48981737e0a1
f0088fd75fb778850b17eedae4208ab45c047ba6559f2fe9c897f834b765eae5

HTTP Headers

GET /m/2038056?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25 HTTP/1.1
Host: pro.paradigm-press.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Date: Tue, 16 Apr 2024 04:25:40 GMT
Content-Length: 256
Set-Cookie: 2038056=2403595; expires=Mon, 06-May-2024 04:25:40 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!joynd/Yv7eN8wJ40QCUGrw3uOK3bWXeKQ6OFsulpEtmzoWc0tGuk3Xkd6uHqDor1ofZMj8i4O6wipeQ=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains

go.goodlifestylenews.com/

104.21.30.61

143 B

URL
go.goodlifestylenews.com/
IP
104.21.30.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
143 B (143 bytes)
Hash
f1fb042c62910c34be16ad91cbbd71fa
5bc7aceba9a8704ef4b1d427d7d08b140afcd866
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 04:25:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Nov 2023 15:41:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CbQKy6RKaDZbIr8N4RH0hUOSBcYCCUsrhLdp4u7YDjNMFaMJmmxHi7BB28bXZf1wjjdUYOgtkRbxNM0XrQU0cxmfIczVl3j%2FvH6LXVxm3Hou8xjITqGWE8vBpUS9t%2FOGBZX8FqZwFzPtu60%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 875169aa1b90b4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true

161.129.26.18

302 Found

256 B

URL User Request GET HTTP/1.1
pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
IP
161.129.26.18:80
ASN
#11372 14WEST-AS

File type
HTML document, ASCII text, with CRLF line terminators
Size
256 B (256 bytes)
Hash
888402d3541d3bef8a1ee1ac3b72d769
c2f39e20bc97f99f27cff65b88aa48981737e0a1
f0088fd75fb778850b17eedae4208ab45c047ba6559f2fe9c897f834b765eae5

HTTP Headers

GET /p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Referrer-Policy: no-referrer-when-downgrade
Date: Tue, 16 Apr 2024 04:25:40 GMT
Content-Length: 256
Set-Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!fTf4LiSzddDaT8Q0QCUGrw3uOK3bWdU3EtCacWu4MrmFwE5D0szBPPfBUTCha488YzXFz2qy19NmHA8=; path=/; Httponly

pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true

161.129.26.18

302 Found

9.8 kB

URL User Request GET HTTP/1.1
pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
IP
161.129.26.18:80
ASN
#11372 14WEST-AS

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2892), with CRLF, LF line terminators
Size
9.8 kB (9788 bytes)
Hash
20e6d54971855117a183f2a53744475d
5c932e5d547dc965ed8aa2c312a732af908c8c9a
06a78cbf18e137acd72b24126d711878c22c5ab5ab8927bf4a3de2525c2cf091

HTTP Headers

GET /p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!fTf4LiSzddDaT8Q0QCUGrw3uOK3bWdU3EtCacWu4MrmFwE5D0szBPPfBUTCha488YzXFz2qy19NmHA8=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Tue, 16 Apr 2024 04:25:41 GMT
Content-Length: 9788
Set-Cookie: LAWNY6AU=; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!V5LYzuy+3FhtCF80QCUGrw3uOK3bWUGP0TlVMzN2Vl+yNb63iGFt3F9ooQ5HKPq9F9SQq8P02qefwP8=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains

pro.paradigmnewsletters.org/p/Scripts/Common.js

161.129.26.18

200 OK

1.1 kB

URL GET HTTP/1.1
pro.paradigmnewsletters.org/p/Scripts/Common.js
IP
161.129.26.18:443
ASN
#11372 14WEST-AS

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
FingerprintD0:23:A8:B2:78:50:C6:21:FE:9D:C7:7F:E1:47:6F:02:D9:A8:1C:44
ValidityTue, 30 Jan 2024 12:33:08 GMT - Mon, 29 Apr 2024 12:33:07 GMT

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.1 kB (1140 bytes)
Hash
2fa1e7a35bfa376eff7f1426fc4a8afa
008b48dbd95a158542969743c18d0bc33e0a9384
857d94bd23b6437baa66255e1d507ad4a23d75ef9a271fb3e1303dc7dd0aced9

HTTP Headers

GET /p/Scripts/Common.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
DNT: 1
Connection: keep-alive
Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!fTf4LiSzddDaT8Q0QCUGrw3uOK3bWdU3EtCacWu4MrmFwE5D0szBPPfBUTCha488YzXFz2qy19NmHA8=; LAWNY6AU=; BIGipServerIRIS_PROD_HTTPS_POOL=!V5LYzuy+3FhtCF80QCUGrw3uOK3bWUGP0TlVMzN2Vl+yNb63iGFt3F9ooQ5HKPq9F9SQq8P02qefwP8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
Accept-Ranges: bytes
ETag: "a37f814e34bed91:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Tue, 16 Apr 2024 04:25:41 GMT
Content-Length: 1140
Strict-Transport-Security: max-age=63072000; includeSubDomains

browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js

151.101.130.217

200 OK

25 kB

URL GET HTTP/2
browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js
IP
151.101.130.217:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGlobalSign nv-sa
Subject*.sentry-cdn.com
FingerprintF4:BF:96:D1:20:5D:BA:52:63:EB:1F:F7:56:39:FA:81:01:A3:64:DE
ValidityTue, 01 Aug 2023 14:42:24 GMT - Sun, 01 Sep 2024 14:42:23 GMT

File type
JavaScript source, ASCII text, with very long lines (65429)
Size
25 kB (25261 bytes)
Hash
b1a7a1b922a4979ae3414123594bdc9f
7cf9514e86b46e19347ebdb04e686ae9b954b800
4848b910fc25c8ee7e9fa21fd42380399adc16075748f9c29b5290b256256e6c

HTTP Headers

GET /7.14.0/bundle.tracing.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 09 Oct 2024 15:25:46 GMT
last-modified: Wed, 28 Sep 2022 12:12:25 GMT
etag: "5d7bd7b4bd3e1985565195a6b7303da3"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
age: 3015819
date: Tue, 16 Apr 2024 04:25:42 GMT
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 25261
X-Firefox-Spdy: h2

pro.paradigmnewsletters.org/p/Scripts/HideContent.js

161.129.26.18

200 OK

466 B

URL GET HTTP/1.1
pro.paradigmnewsletters.org/p/Scripts/HideContent.js
IP
161.129.26.18:443
ASN
#11372 14WEST-AS

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
FingerprintD0:23:A8:B2:78:50:C6:21:FE:9D:C7:7F:E1:47:6F:02:D9:A8:1C:44
ValidityTue, 30 Jan 2024 12:33:08 GMT - Mon, 29 Apr 2024 12:33:07 GMT

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
466 B (466 bytes)
Hash
cc54a637e514fddfe0be2e7c2d062e5b
a0f97813508d22d71f015b93cc8dfdcee65acdfd
580942b09dd77a53c0501f35a1d6c61cbcff1d504a6efb0dfa5d77cbdb1af741

HTTP Headers

GET /p/Scripts/HideContent.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
DNT: 1
Connection: keep-alive
Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!fTf4LiSzddDaT8Q0QCUGrw3uOK3bWdU3EtCacWu4MrmFwE5D0szBPPfBUTCha488YzXFz2qy19NmHA8=; LAWNY6AU=; BIGipServerIRIS_PROD_HTTPS_POOL=!V5LYzuy+3FhtCF80QCUGrw3uOK3bWUGP0TlVMzN2Vl+yNb63iGFt3F9ooQ5HKPq9F9SQq8P02qefwP8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
Accept-Ranges: bytes
ETag: "bbcd814e34bed91:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Tue, 16 Apr 2024 04:25:41 GMT
Content-Length: 466
Strict-Transport-Security: max-age=63072000; includeSubDomains

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

172.217.21.170

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:32:56 GMT
expires: Fri, 11 Apr 2025 02:32:56 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 438766
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/E-v1.js

151.101.194.132

200 OK

137 kB

URL GET HTTP/2
fast.wistia.com/assets/external/E-v1.js
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65474)
Size
137 kB (136685 bytes)
Hash
3befa2ed80ed1424085c064a7868b567
4e4769fae42626867ca5291571fef2cda4a7a8ed
112643faf5e7b1100514b9a24b7ae6028b94be11b7a4981e523d5e80c910fd22

HTTP Headers

GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Mon, 15 Apr 2024 17:55:04 GMT
etag: "33e2b8031240acc3a1d394a33ee6bea6"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Tue, 16 Apr 2024 04:25:42 GMT
age: 1776
x-served-by: cache-iad-kjyo7100151-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 70, 387
x-timer: S1713241542.057317,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: b938d904760a24eaf76f3bb113c0f3f987318811
content-length: 136685
X-Firefox-Spdy: h2

use.typekit.net/nfp7qni.css

23.33.119.67

200 OK

806 B

URL GET HTTP/2
use.typekit.net/nfp7qni.css
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
806 B (806 bytes)
Hash
fa738673c463927da77a9ea4370c7462
de84ec397fd1879472fed4435b82336259d0d4ee
c9b11114154ef85e49a0c51b8368373cf9629b56b4083d753b652598eb6fefcb

HTTP Headers

GET /nfp7qni.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 806
date: Tue, 16 Apr 2024 04:25:42 GMT
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=nfp7qni&ht=tk&f=31225.31226.31229.31230.31231.31232&a=78277183&app=typekit&e=css

23.33.119.26

200 OK

5 B

URL GET HTTP/2
p.typekit.net/p.css?s=1&k=nfp7qni&ht=tk&f=31225.31226.31229.31230.31231.31232&a=78277183&app=typekit&e=css
IP
23.33.119.26:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=nfp7qni&ht=tk&f=31225.31226.31229.31230.31231.31232&a=78277183&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Tue, 16 Apr 2024 04:25:42 GMT
X-Firefox-Spdy: h2

cdn.getblueshift.com/blueshift.js

54.230.111.60

200 OK

2.8 kB

URL GET HTTP/1.1
cdn.getblueshift.com/blueshift.js
IP
54.230.111.60:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerAmazon
Subject*.getblueshift.com
Fingerprint29:49:01:4C:AB:3A:C5:E4:F6:F2:67:75:BE:5B:FF:4B:F3:5C:EC:47
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6625), with no line terminators
Size
2.8 kB (2826 bytes)
Hash
e70a08bd9e7ef156c1673f55ed87aa85
9dfa4cf582654332eb4e1ada9843594ca64bb0d2
a97c4e09767a155128f03c8a72efccc7d8e38e2e8e78daf14c8e5beaf72ff1a5

HTTP Headers

GET /blueshift.js HTTP/1.1
Host: cdn.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 2826
Connection: keep-alive
Last-Modified: Wed, 24 Jan 2024 03:44:50 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 16 Apr 2024 04:18:11 GMT
Cache-Control: max-age=3600
ETag: "bd39fba69cd2745738daf44e0e350f6e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QJCtdN4lg9ub2R8WeDFAcJ4LOeGfOMbs4nKP0j1Fi9LPARzay1MffQ==
Age: 453

use.typekit.net/af/5e4a03/00000000000000003b9ae849/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i2&v=3

23.33.119.67

200 OK

24 kB

URL GET HTTP/2
use.typekit.net/af/5e4a03/00000000000000003b9ae849/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i2&v=3
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24084, version 1.0
Size
24 kB (24084 bytes)
Hash
609a6d035dc7a5c36b88bbfa2cf9458b
d5cf78cd58934849376071f24c35619a6f349be9
dacf953a3cae70714fa310ffaab73671c4bc2a25e305b518a3ed5d3aefc7a7b2

HTTP Headers

GET /af/5e4a03/00000000000000003b9ae849/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i2&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24084
etag: "a2c3528b5b4cc3f31841ad8f1096df17ab1c84b9"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 16 Apr 2024 04:25:42 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/cab4b1/00000000000000003b9ae84e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3

23.33.119.67

200 OK

22 kB

URL GET HTTP/2
use.typekit.net/af/cab4b1/00000000000000003b9ae84e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21964, version 1.0
Size
22 kB (21964 bytes)
Hash
191fd784865078a00655ee0dc9db8f78
25c5a7656f905649f0845bab1971996c32c75e40
83f843a435a6d47f1542cf1786d4c884a35fc9b388e8a662d3364cc9a00d7410

HTTP Headers

GET /af/cab4b1/00000000000000003b9ae84e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 21964
etag: "ac678982c364234feba2c43267d251315b824b53"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 16 Apr 2024 04:25:42 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/7aa05f/00000000000000003b9ae848/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3

23.33.119.67

200 OK

24 kB

URL GET HTTP/2
use.typekit.net/af/7aa05f/00000000000000003b9ae848/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23460, version 1.0
Size
24 kB (23460 bytes)
Hash
e7bdd205431bf24c223994b6b75b2d66
687ad56f9a1d9baa29e17d04aae2dbe64d2c17fe
713b8a587540f0db6ab801b4eab54377795825692d866407bf716f53b5249093

HTTP Headers

GET /af/7aa05f/00000000000000003b9ae848/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23460
etag: "45a18431cf7ce3769ef4ac797bca7103903737ca"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 16 Apr 2024 04:25:42 GMT
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-NKRVP76

142.250.74.168

200 OK

117 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NKRVP76
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (56012)
Size
117 kB (117208 bytes)
Hash
f991748bc532ada5889a71f9f02c3555
afab2d2c6b62e9f62450dd0f797bd8d696ceb3f3
8fa4b210cea5ff85704333b5005d639013d9a023f5b48de92709cd9976ca4cb7

HTTP Headers

GET /gtm.js?id=GTM-NKRVP76 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 04:25:42 GMT
expires: Tue, 16 Apr 2024 04:25:42 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 117208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-P95MDDF

142.250.74.168

200 OK

119 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-P95MDDF
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (58328)
Size
119 kB (118884 bytes)
Hash
bb05b125b4e33b5eca97e750c699cfab
c337eba128b30e351e797fee3ebaab499319b4a7
751f8ef1956f29214c25db52835b2de7b62d95887df619a3be2edcedda461589

HTTP Headers

GET /gtm.js?id=GTM-P95MDDF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 04:25:42 GMT
expires: Tue, 16 Apr 2024 04:25:42 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 118884
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d2z65klgtz99km.cloudfront.net/AWN/AWN_bidenbucks_0622/biden_bucks_bg.jpg

54.230.241.82

200 OK

139 kB

URL GET HTTP/2
d2z65klgtz99km.cloudfront.net/AWN/AWN_bidenbucks_0622/biden_bucks_bg.jpg
IP
54.230.241.82:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 118x118, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=GIMP 2.10.30, datetime=2022:06:06 14:45:13], progressive, precision 8, 1920x1080, components 3
Size
139 kB (138938 bytes)
Hash
61d9b84ce44d6b1c08f79241caed45da
1bf506291e7e22e1870dfffe7697423cf9dec966
4dbf3f1af145adcd2c9c801afb92a60ac2369a5648eeab3717e7ebefaff2a553

HTTP Headers

GET /AWN/AWN_bidenbucks_0622/biden_bucks_bg.jpg HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 138938
server: nginx
date: Sun, 08 Oct 2023 15:58:23 GMT
last-modified: Mon, 06 Jun 2022 18:46:27 GMT
cache-control: max-age=31536000
expires: Mon, 07 Oct 2024 15:58:22 GMT
etag: "629e4b83-21eba"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oyb1dFqX-3DdMht94VQCjW2xikBQyQeIGfwGJtTLON5GlwGC9EQN8g==
age: 16460839
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c

142.250.74.168

200 OK

100 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
100 kB (99971 bytes)
Hash
acc437dfea71ba6a56c06153ca1496ee
f23064fe9efef3320a918655e01c3f0a9a65f94a
0db5ada01342cdf3fb6cecd361bd09f1fb5857c2f17a69fb68a1e0823415845d

HTTP Headers

GET /gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 04:25:42 GMT
expires: Tue, 16 Apr 2024 04:25:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 99971
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

188.125.94.204

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
188.125.94.204:443
ASN
#10310 YAHOO-1

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 0XO2loGzNcqm0uEVJtOz1mLKNUR3U+OxPfhNG9BbYaQB9kxJYHL+AwIOdBqgsMTcTay1OK6kj7mqAwiLRhJJs0RPAhsohfsWy7It99OiN5I=
x-amz-request-id: KRSCSF22PAAE2FJJ
date: Tue, 16 Apr 2024 03:47:12 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2311
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

188.125.94.204

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
188.125.94.204:443
ASN
#10310 YAHOO-1

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 0XO2loGzNcqm0uEVJtOz1mLKNUR3U+OxPfhNG9BbYaQB9kxJYHL+AwIOdBqgsMTcTay1OK6kj7mqAwiLRhJJs0RPAhsohfsWy7It99OiN5I=
x-amz-request-id: KRSCSF22PAAE2FJJ
date: Tue, 16 Apr 2024 03:47:12 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2311
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

188.125.94.204

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
188.125.94.204:443
ASN
#10310 YAHOO-1

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 0XO2loGzNcqm0uEVJtOz1mLKNUR3U+OxPfhNG9BbYaQB9kxJYHL+AwIOdBqgsMTcTay1OK6kj7mqAwiLRhJJs0RPAhsohfsWy7It99OiN5I=
x-amz-request-id: KRSCSF22PAAE2FJJ
date: Tue, 16 Apr 2024 03:47:12 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2311
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

188.125.94.204

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
188.125.94.204:443
ASN
#10310 YAHOO-1

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 0XO2loGzNcqm0uEVJtOz1mLKNUR3U+OxPfhNG9BbYaQB9kxJYHL+AwIOdBqgsMTcTay1OK6kj7mqAwiLRhJJs0RPAhsohfsWy7It99OiN5I=
x-amz-request-id: KRSCSF22PAAE2FJJ
date: Tue, 16 Apr 2024 03:47:12 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2311
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/jbw5p1na2u.json

151.101.194.132

200 OK

1.7 kB

URL GET HTTP/2
fast.wistia.com/embed/medias/jbw5p1na2u.json
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JSON text data
Size
1.7 kB (1654 bytes)
Hash
edebd6f0d83fca6772aeef7793ce1fb9
399cc3d256288bb0269004888579a92cfbe3ba12
5445b2f5b36ae78dab62efb417f2c332d5d6b04d80b578c84d1d562d3e9b24a5

HTTP Headers

GET /embed/medias/jbw5p1na2u.json HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"5445b2f5b36ae78dab62efb417f2c332"
x-request-id: 5184524b-4131-4ae8-9243-ec52bab5214e
x-runtime: 0.050045
content-encoding: br
x-envoy-upstream-service-time: 52
via: 1.1 bc330e83c319e99d19922ed79166586a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD61-P1
x-amz-cf-id: LZRBQKPLuxIUgSf9IHVulY5nDRgssxdue1Tmn5F6nnRh0BG45orYsQ==
accept-ranges: bytes
age: 47476
date: Tue, 16 Apr 2024 04:25:43 GMT
x-served-by: cache-iad-kcgs7200042-IAD, cache-hel1410022-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 158, 0
x-timer: S1713241543.167232,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 1654
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10091245.json

188.125.94.204

200 OK

22 B

URL GET HTTP/2
s.yimg.com/wi/config/10091245.json
IP
188.125.94.204:443
ASN
#10310 YAHOO-1

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JSON text data
Size
22 B (22 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10091245.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 846KKJZJMH478B0Z
x-amz-id-2: C2fGaSJMuoFrApG2Oj/m/b4rUVTWS9vbastUWTMGh2+idtQyg/GZsd3EN7FSLuTAP2Gjmc5f6vE=
content-type: application/json
date: Tue, 16 Apr 2024 04:25:42 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 1
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10125189.json

188.125.94.204

200 OK

22 B

URL GET HTTP/2
s.yimg.com/wi/config/10125189.json
IP
188.125.94.204:443
ASN
#10310 YAHOO-1

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JSON text data
Size
22 B (22 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10125189.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 846MWT12GAEZ0X81
x-amz-id-2: 3++2yt9l4sI5cIKF5Eky1wZzu2wPPs6oMELW5TwhnB9l7k8o6pRi0CTPrCbGtTu9BhaqQvTZO4JGOnKj0bXrZyT05lN+QisO
content-type: application/json
date: Tue, 16 Apr 2024 04:25:42 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-encoding: gzip
content-length: 22
age: 1
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/googleAnalytics4.js

151.101.194.132

200 OK

4.5 kB

URL GET HTTP/2
fast.wistia.com/assets/external/googleAnalytics4.js
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (17563)
Size
4.5 kB (4452 bytes)
Hash
6bef00e6a3097beb9029c1485db02022
43a9e765e6e6317e46b182b484170508c60073cf
0dc147d17a8a25eb266f07789362f142286be5205d2e34fee1cf0136cfaad3d4

HTTP Headers

GET /assets/external/googleAnalytics4.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 15 Apr 2024 17:55:05 GMT
etag: "d22bcf196ba8e07c2f90d09a270e1ee8"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Tue, 16 Apr 2024 04:25:43 GMT
age: 1568
x-served-by: cache-iad-kcgs7200145-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 70, 2
x-timer: S1713241543.295137,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: b938d904760a24eaf76f3bb113c0f3f987318811
content-length: 4452
X-Firefox-Spdy: h2

paradigmpressgroup.com/favicons/favicon-16x16.png

44.210.42.183

200 OK

587 B

URL GET HTTP/2
paradigmpressgroup.com/favicons/favicon-16x16.png
IP
44.210.42.183:443
ASN
#14618 AMAZON-AES

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerLet's Encrypt
Subjectparadigmpressgroup.com
Fingerprint9F:5E:5C:45:8B:D7:39:29:DA:7C:07:64:1E:F0:C5:D7:22:AE:AB:4D
ValidityWed, 10 Apr 2024 16:51:00 GMT - Tue, 09 Jul 2024 16:50:59 GMT

File type
PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced
Size
587 B (587 bytes)
Hash
2bb2efaa073e4987ba1867aff02ab3ac
ea05acee8f408e3f86830b5f2da0616ced013006
6b712b83f2054506208f4243b57e7bd48fa0dcf3a10c0ff609bfc5ea8398ddc6

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 04:25:43 GMT
content-type: image/png
content-length: 587
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"24b-1823c06a3cc"
x-powered-by: PleskLin
X-Firefox-Spdy: h2

paradigmpressgroup.com/favicons/apple-touch-icon.png

44.210.42.183

200 OK

3.0 kB

URL GET HTTP/2
paradigmpressgroup.com/favicons/apple-touch-icon.png
IP
44.210.42.183:443
ASN
#14618 AMAZON-AES

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerLet's Encrypt
Subjectparadigmpressgroup.com
Fingerprint9F:5E:5C:45:8B:D7:39:29:DA:7C:07:64:1E:F0:C5:D7:22:AE:AB:4D
ValidityWed, 10 Apr 2024 16:51:00 GMT - Tue, 09 Jul 2024 16:50:59 GMT

File type
PNG image data, 180 x 180, 8-bit grayscale, non-interlaced
Size
3.0 kB (3017 bytes)
Hash
dd470648114adaceb47d36a18ad41d9d
c93c69021ab4e381b4715938bed3732b132852b3
49dd5241fadc6a69795935a795804ed7206efb39f6dc6b5a0588f92d80775ad4

HTTP Headers

GET /favicons/apple-touch-icon.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 04:25:43 GMT
content-type: image/png
content-length: 3017
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"bc9-1823c06a3cb"
x-powered-by: PleskLin
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10114794.json

188.125.94.204

200 OK

22 B

URL GET HTTP/2
s.yimg.com/wi/config/10114794.json
IP
188.125.94.204:443
ASN
#10310 YAHOO-1

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JSON text data
Size
22 B (22 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10114794.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 846V363033A2B0YC
x-amz-id-2: psn8G6l62TReH463tC3Pow/Vhx9P15XUSvrkvN+DhewFbztSgAEwQy0AVieNH8/z2vSWcWACDLk=
content-type: application/json
date: Tue, 16 Apr 2024 04:25:42 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 1
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10082412.json

188.125.94.204

200 OK

22 B

URL GET HTTP/2
s.yimg.com/wi/config/10082412.json
IP
188.125.94.204:443
ASN
#10310 YAHOO-1

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JSON text data
Size
22 B (22 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10082412.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 846JW29YN1G3N8RY
x-amz-id-2: fAWGFBJqsiiLxxWCDZ7JaHaBnL4xac8b1V6xOyT5Wx1hv3jnW4c1GEHjiBv3Moy7IihmYr3PiWg=
content-type: application/json
date: Tue, 16 Apr 2024 04:25:43 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 0
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

d2z65klgtz99km.cloudfront.net/AWN/AWN_bidenbucks_0622/BidenWalkingToPodium_CTP_720px.gif

54.230.241.82

200 OK

2.2 MB

URL GET HTTP/2
d2z65klgtz99km.cloudfront.net/AWN/AWN_bidenbucks_0622/BidenWalkingToPodium_CTP_720px.gif
IP
54.230.241.82:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
GIF image data, version 89a, 720 x 479
Size
2.2 MB (2224542 bytes)
Hash
a63bf2ba4e1e40b598beca4d8fceb232
4fc8d36c0e67457339e2d4018b8659b42d137521
30c514a0e324ba22ffb8662aef7a3bababaff722a22aa63ffaec5a2470651ed3

HTTP Headers

GET /AWN/AWN_bidenbucks_0622/BidenWalkingToPodium_CTP_720px.gif HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 2224542
server: nginx
date: Tue, 16 May 2023 11:21:08 GMT
last-modified: Thu, 16 Jun 2022 19:23:08 GMT
cache-control: max-age=31536000
expires: Wed, 15 May 2024 11:21:08 GMT
etag: "62ab831c-21f19e"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C4ld2Nt6mHIlXKneEsJlI-xblT3jMGB7Gw4RQJzKcbnyysYmHgGKFg==
age: 29005474
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BYN6DTYEFQ&cid=881366377.1713241543&gtm=45je44f0v9122066590z8811578897za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1347316839

172.217.21.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BYN6DTYEFQ&cid=881366377.1713241543&gtm=45je44f0v9122066590z8811578897za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1347316839
IP
172.217.21.163:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint0E:DD:25:54:7B:C3:7F:EC:27:35:B1:EC:15:C4:B7:D2:09:71:3B:68
ValidityMon, 04 Mar 2024 07:26:33 GMT - Mon, 27 May 2024 07:26:32 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BYN6DTYEFQ&cid=881366377.1713241543&gtm=45je44f0v9122066590z8811578897za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1347316839 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 16 Apr 2024 04:25:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C

142.250.74.168

200 OK

92 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
92 kB (91740 bytes)
Hash
be7635186fa06cf498088967289d2156
82083a27ae8f911011211b3eb6f225608b0c9349
e740d9514bafdf483990b512bd22441a5581b3d0823cd907790586f6be8d4f3a

HTTP Headers

GET /gtag/js?id=G-9JTVKL1Z3C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 04:25:43 GMT
expires: Tue, 16 Apr 2024 04:25:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91740
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c

142.250.74.168

200 OK

92 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
92 kB (91813 bytes)
Hash
459e0ac03c271d99d26d92ff5f8cb4a3
983b8c2cad1d8eb57102ee15c22736f489ad8f9f
808fe6e1ee0f9982ece52677ac524dd8a8f44401a5597e70d106a45b380ab05f

HTTP Headers

GET /gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 04:25:43 GMT
expires: Tue, 16 Apr 2024 04:25:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91813
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&dl=pro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F&tdp=G-9JTVKL1Z3C;122977530;0;2;0&mtd=__e-1&mec=__e2&rtg=11578897&rlo=8&slo=5&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&dl=pro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F&tdp=G-9JTVKL1Z3C;122977530;0;2;0&mtd=__e-1&mec=__e2&rtg=11578897&rlo=8&slo=5&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&dl=pro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F&tdp=G-9JTVKL1Z3C;122977530;0;2;0&mtd=__e-1&mec=__e2&rtg=11578897&rlo=8&slo=5&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:25:44 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/td?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&dl=pro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F&tdp=G-9JTVKL1Z3C;122977530;0;2;0&mtd=__e-1&mec=__e2&rtg=11578897&rlo=8&slo=5&z=0

142.250.74.168

204 No Content

0 B

URL GET HTTP/3
www.googletagmanager.com/td?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&dl=pro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F&tdp=G-9JTVKL1Z3C;122977530;0;2;0&mtd=__e-1&mec=__e2&rtg=11578897&rlo=8&slo=5&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /td?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&dl=pro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F&tdp=G-9JTVKL1Z3C;122977530;0;2;0&mtd=__e-1&mec=__e2&rtg=11578897&rlo=8&slo=5&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Tue, 16 Apr 2024 04:25:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z8811578897za200&_p=1713241542429&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2425

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z8811578897za200&_p=1713241542429&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2425
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z8811578897za200&_p=1713241542429&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2425 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Tue, 16 Apr 2024 04:25:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z878323495za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=3&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=Click%20Report&tfd=2459

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z878323495za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=3&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=Click%20Report&tfd=2459
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z878323495za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=3&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=Click%20Report&tfd=2459 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Tue, 16 Apr 2024 04:25:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z8811578897za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=Click%20Report&tfd=2451

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z8811578897za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=Click%20Report&tfd=2451
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z8811578897za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=Click%20Report&tfd=2451 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Tue, 16 Apr 2024 04:25:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=0&u=AAAAAAAIAAAAAAAAAAAAAABA&h=Ag&tr=1ogtgasend.1ogtreferralexclusion.1ogtsessiontimeout.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaadslink.1ogtgooglesignals.1ccdgaregscope.1ccdconversionmarking.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ccdautoredact.1ccdgalast&ti=2ogtgasend.2ogtreferralexclusion.2ogtsessiontimeout.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ogtgooglesignals.2ccdgaregscope.2ccdconversionmarking.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ccdautoredact.2ccdgalast&mec=__e4&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=0&u=AAAAAAAIAAAAAAAAAAAAAABA&h=Ag&tr=1ogtgasend.1ogtreferralexclusion.1ogtsessiontimeout.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaadslink.1ogtgooglesignals.1ccdgaregscope.1ccdconversionmarking.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ccdautoredact.1ccdgalast&ti=2ogtgasend.2ogtreferralexclusion.2ogtsessiontimeout.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ogtgooglesignals.2ccdgaregscope.2ccdconversionmarking.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ccdautoredact.2ccdgalast&mec=__e4&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=0&u=AAAAAAAIAAAAAAAAAAAAAABA&h=Ag&tr=1ogtgasend.1ogtreferralexclusion.1ogtsessiontimeout.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaadslink.1ogtgooglesignals.1ccdgaregscope.1ccdconversionmarking.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ccdautoredact.1ccdgalast&ti=2ogtgasend.2ogtreferralexclusion.2ogtsessiontimeout.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ogtgooglesignals.2ccdgaregscope.2ccdconversionmarking.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ccdautoredact.2ccdgalast&mec=__e4&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:25:44 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=1&u=AAAAAAAIAAAAAAAAAAAAAABA&h=Ag&tr=1gct&ti=1gct&mec=__e6&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=1&u=AAAAAAAIAAAAAAAAAAAAAABA&h=Ag&tr=1gct&ti=1gct&mec=__e6&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=1&u=AAAAAAAIAAAAAAAAAAAAAABA&h=Ag&tr=1gct&ti=1gct&mec=__e6&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:25:44 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=gtm.dom&eid=4&u=AAAAAAAIAAAAAAAAAAAAAABA&h=Ag&mec=__e8&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=gtm.dom&eid=4&u=AAAAAAAIAAAAAAAAAAAAAABA&h=Ag&mec=__e8&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=gtm.dom&eid=4&u=AAAAAAAIAAAAAAAAAAAAAABA&h=Ag&mec=__e8&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:25:44 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z878323495za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=4&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=awn_aware&_c=1&tfd=2459

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z878323495za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=4&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=awn_aware&_c=1&tfd=2459
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z878323495za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=4&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=awn_aware&_c=1&tfd=2459 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Tue, 16 Apr 2024 04:25:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=gtag.config&eid=12&u=AAAAAAAIAAAAAIAAAAAAAABA&ut=Ag&h=Ag&epr=1G.3G&mec=__e8&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=gtag.config&eid=12&u=AAAAAAAIAAAAAIAAAAAAAABA&ut=Ag&h=Ag&epr=1G.3G&mec=__e8&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=gtag.config&eid=12&u=AAAAAAAIAAAAAIAAAAAAAABA&ut=Ag&h=Ag&epr=1G.3G&mec=__e8&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:25:44 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fast.wistia.com/assets/external/playPauseLoadingControl.js

151.101.194.132

200 OK

22 kB

URL GET HTTP/2
fast.wistia.com/assets/external/playPauseLoadingControl.js
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65455)
Size
22 kB (21596 bytes)
Hash
7845f53703880c301c91e55dacfb2730
a91923e2fe5f5a139f65a41682cee83637c636bf
441f641db8dc0a94620a07d59cfdad03e6fd3630fe3af81f82ce80d9d8ac3942

HTTP Headers

GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Mon, 15 Apr 2024 17:55:05 GMT
etag: "054f6647c2b3166c5479ecec2e1cdb23"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Tue, 16 Apr 2024 04:25:44 GMT
age: 1779
x-served-by: cache-iad-kiad7000136-IAD, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 66, 77
x-timer: S1713241544.110833,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: b938d904760a24eaf76f3bb113c0f3f987318811
content-length: 21596
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/engines/hls_video.js

151.101.194.132

200 OK

118 kB

URL GET HTTP/2
fast.wistia.com/assets/external/engines/hls_video.js
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
118 kB (118197 bytes)
Hash
0d0944584a2e0b7299c788dfbcc6224b
dbafb5834a1553d168e2e61633d9dfb37d29a438
c6c26035fb90773bae20e3accc00fe4bf7368ac9eb802ce0ee066ffb3f89b738

HTTP Headers

GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Mon, 15 Apr 2024 17:55:05 GMT
etag: "eb7dd49fb6d9bc27920e7403bf0de676"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Tue, 16 Apr 2024 04:25:44 GMT
age: 1778
x-served-by: cache-iad-kcgs7200172-IAD, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 64, 49
x-timer: S1713241544.118609,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: b938d904760a24eaf76f3bb113c0f3f987318811
content-length: 118197
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/jbw5p1na2u.m3u8

151.101.194.132

200 OK

757 B

URL GET HTTP/2
fast.wistia.com/embed/medias/jbw5p1na2u.m3u8
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
M3U playlist, ASCII text
Size
757 B (757 bytes)
Hash
e76c8ebe339be83c531ffce93e65d0ef
3a27b5384f1d5acf62e982cc2d0f3c2a375a327d
15f8a792fbffb6b8c19f9a31758868de6538c4673ea07c50d5ef9c621670ad73

HTTP Headers

GET /embed/medias/jbw5p1na2u.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-mpegURL
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"15f8a792fbffb6b8c19f9a31758868de"
x-request-id: 9d914781-6d11-44d9-a369-3704aa90ece6
x-runtime: 0.034093
x-envoy-upstream-service-time: 35
via: 1.1 d9057c384f4ac5ba2672d2ff44de7e08.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD89-C3
x-amz-cf-id: ZCo9VpNFEQifUlfuW6_Uav94GWNOyzGJ5e8fTyIjwPjGQeOG-9_kcg==
accept-ranges: bytes
age: 8986
date: Tue, 16 Apr 2024 04:25:44 GMT
x-served-by: cache-iad-kjyo7100121-IAD, cache-hel1410022-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 160, 0
x-timer: S1713241544.311175,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 757
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.98

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.98:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerAmazon
Subjectpipedream-production-cloudfront-app-cname.wistia.com
Fingerprint82:F4:DC:86:7B:C0:65:B9:72:6A:8C:CA:03:C2:E2:91:00:FE:06:FF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1089
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Tue, 16 Apr 2024 04:25:44 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
server: envoy
x-cache: Miss from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IWXdZOonup-qqL2J2IhYCY4CYnm5DvXQczMb4mPvxc5FPmRaOyY2sg==
X-Firefox-Spdy: h2

fast.wistia.com/assets/images/blank.gif

151.101.194.132

200 OK

1.2 kB

URL GET HTTP/2
fast.wistia.com/assets/images/blank.gif
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
GIF image data, version 89a, 100 x 100
Size
1.2 kB (1214 bytes)
Hash
fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

HTTP Headers

GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Wed, 10 May 2023 19:48:54 GMT
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
x-amz-server-side-encryption: AES256
content-type: image/gif
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Tue, 16 Apr 2024 04:25:44 GMT
age: 2654
x-served-by: cache-iad-kcgs7200077-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 25, 101
x-timer: S1713241544.328528,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 1214
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/1a7ce6e5db5da5506ae91387c030b5cd0b910413.m3u8

143.204.55.63

200 OK

72 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/1a7ce6e5db5da5506ae91387c030b5cd0b910413.m3u8
IP
143.204.55.63:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
72 kB (71492 bytes)
Hash
f02c9234c0dc14d7c751a55e026e41f2
9df1c93f59ca1032699f004a2201a4848574b65f
7dd0a1d0e115f73c796a306b51ca967bee748192ee888376a3a776a91e934f2b

HTTP Headers

GET /deliveries/1a7ce6e5db5da5506ae91387c030b5cd0b910413.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 71492
server: envoy
date: Wed, 10 Apr 2024 11:44:25 GMT
expires: Thu, 10 Apr 2025 11:44:25 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 1a7ce6e5db5da5506ae91387c030b5cd0b910413-hls-segment
surrogate-key: 1a7ce6e5db5da5506ae91387c030b5cd0b910413-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 107
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uvzDBhGr-0Mi9Ht5rH_6avAPFbYhRdnrKOeK7SI6RhPWBuBBtCzPAw==
age: 492079
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/1a7ce6e5db5da5506ae91387c030b5cd0b910413.m3u8/seg-1-v1-a1.ts

143.204.55.63

200 OK

500 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/1a7ce6e5db5da5506ae91387c030b5cd0b910413.m3u8/seg-1-v1-a1.ts
IP
143.204.55.63:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
500 kB (499704 bytes)
Hash
488024560b15c844a2dd6644840486b5
40f1cd14abcaf93a743ef003cb4b39812be3c311
c40e1cfcb583f00e49569c55b8f3a71f5cfac2454ea0a9c7daa52293971a538f

HTTP Headers

GET /deliveries/1a7ce6e5db5da5506ae91387c030b5cd0b910413.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: video/MP2T
content-length: 499704
server: envoy
date: Sat, 13 Apr 2024 16:24:24 GMT
expires: Sun, 13 Apr 2025 16:24:24 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 1a7ce6e5db5da5506ae91387c030b5cd0b910413-hls-segment
surrogate-key: 1a7ce6e5db5da5506ae91387c030b5cd0b910413-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 200
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MlUTexPXY67-rGqdVg7ExUmR42WQzKKFswcdA-KU_Wa6WjEpXraCPg==
age: 216080
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

distillery.wistia.com/x

54.230.111.90

204 No Content

0 B

URL POST HTTP/2
distillery.wistia.com/x
IP
54.230.111.90:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerAmazon
Subjectstats-tap-production-cloudfront-app-cname.wistia.com
Fingerprint37:C6:AB:79:1C:DF:9B:5E:3A:B8:3E:F1:0C:1D:48:BF:89:2D:1F:40
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1688
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 16 Apr 2024 04:25:44 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
server: envoy
x-envoy-upstream-service-time: 1
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -x4RJKNkkmq-nsLy4aIHznc5DCe87XQ3JUubYA28ARAY5L0uPGIAqw==
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/cd81971793b0dc3e8c360c002335b19d31b5ae2a.m3u8

143.204.55.63

200 OK

72 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/cd81971793b0dc3e8c360c002335b19d31b5ae2a.m3u8
IP
143.204.55.63:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
72 kB (71492 bytes)
Hash
3d88468674b109ad4dc2be9dda785d4e
5b9714e21144eb1dffc634bde05c491419a26d61
ba3d52d67645f18009ef515fc9b02fa430e3427cd00c58174a475675cea95476

HTTP Headers

GET /deliveries/cd81971793b0dc3e8c360c002335b19d31b5ae2a.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 71492
server: envoy
date: Fri, 12 Apr 2024 06:05:34 GMT
expires: Sat, 12 Apr 2025 06:05:34 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: cd81971793b0dc3e8c360c002335b19d31b5ae2a-hls-segment
surrogate-key: cd81971793b0dc3e8c360c002335b19d31b5ae2a-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 69
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vJQSUkagchnLWlDywp1ciUmY96aM2yDcpeKJLku0qxJCiMJVmKjhlg==
age: 339609
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

o1147369.ingest.sentry.io/api/4503902855102464/envelope/?sentry_key=39a81e4de95a40d283d30db3dc35a252&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.14.0

34.120.195.249

200 OK

41 B

URL POST HTTP/2
o1147369.ingest.sentry.io/api/4503902855102464/envelope/?sentry_key=39a81e4de95a40d283d30db3dc35a252&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.14.0
IP
34.120.195.249:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerDigiCert Inc
Subjectingest.sentry.io
Fingerprint60:82:0B:58:64:CD:37:FD:3F:C0:84:4F:0B:69:CF:58:05:15:97:9A
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
782dd5a8d961616bdc4086a35f23dc3c
99073d119f1b96c95274f465ccaebd362d59c4dd
f757ed18f9828af7f1316534fd776bfbd246dbdbfe11c6110c8b6db9e08157cb

HTTP Headers

POST /api/4503902855102464/envelope/?sentry_key=39a81e4de95a40d283d30db3dc35a252&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.14.0 HTTP/1.1
Host: o1147369.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/
Content-Type: text/plain;charset=UTF-8
Content-Length: 10611
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 04:25:44 GMT
content-type: application/json
content-length: 41
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.98

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.98:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerAmazon
Subjectpipedream-production-cloudfront-app-cname.wistia.com
Fingerprint82:F4:DC:86:7B:C0:65:B9:72:6A:8C:CA:03:C2:E2:91:00:FE:06:FF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2219
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Tue, 16 Apr 2024 04:25:44 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5JD235GHVAuEB_A2lngjD4dgALitBEygxu-NdM4XqGmbufe_miEz6Q==
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/allIntegrations.js

151.101.194.132

200 OK

5.8 kB

URL GET HTTP/2
fast.wistia.com/assets/external/allIntegrations.js
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (23371)
Size
5.8 kB (5773 bytes)
Hash
d5dd13ae4e2cc9dbc4601c4d95143418
13405305698ad9cc7f44a86871fa1c0d057a9bf4
709f139528814cc9d5158ed469a578082a81607df49b40e41a6fb4b240567ecd

HTTP Headers

GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Mon, 15 Apr 2024 17:55:04 GMT
etag: "4d5cbf7cb285a542334e7de7bc37ed93"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Tue, 16 Apr 2024 04:25:45 GMT
age: 1780
x-served-by: cache-iad-kiad7000030-IAD, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 56, 53
x-timer: S1713241545.113119,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: b938d904760a24eaf76f3bb113c0f3f987318811
content-length: 5773
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
fad739c27da48976f986ca17ff44f69f
b1c1c469954d6418d7548d39ba04c49acf9c4042
a1a12722f006018df77482d1a4f4296f0dfde4c6cf0797d9c192c05e989fd4aa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 04:25:45 GMT
Last-Modified: Tue, 16 Apr 2024 03:06:18 GMT
Server: ECAcc (ska/F7A3)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eoam_DyWsKjDya8LOgWf6tZUzN1JXT0Jc7WE-HX4AmbdwGVVdp_yeA==
Age: 4767

api.getblueshift.com/unity.gif?t=1713241545&e=pageload&r=&z=91879&x=59976d352f424c4b27d325518576b9b2&k=6a7a23f6-eb36-d673-9200-c4478f74fed1&u=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue

54.187.159.246

200 OK

42 B

URL GET HTTP/2
api.getblueshift.com/unity.gif?t=1713241545&e=pageload&r=&z=91879&x=59976d352f424c4b27d325518576b9b2&k=6a7a23f6-eb36-d673-9200-c4478f74fed1&u=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue
IP
54.187.159.246:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerAmazon
Subject*.getblueshift.com
FingerprintD1:61:A7:FF:D0:FD:A2:46:9B:FE:0C:A8:F1:8A:A9:24:9B:70:04:65
ValidityWed, 07 Feb 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /unity.gif?t=1713241545&e=pageload&r=&z=91879&x=59976d352f424c4b27d325518576b9b2&k=6a7a23f6-eb36-d673-9200-c4478f74fed1&u=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 04:25:45 GMT
content-type: image/gif
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://pro.paradigmnewsletters.org
access-control-expose-headers: etag
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z878323495za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&_s=5&tfd=8606

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z878323495za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&_s=5&tfd=8606
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z878323495za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&_s=5&tfd=8606 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 173
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Tue, 16 Apr 2024 04:25:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=26&u=AgAAAAAIAAAAAIAAAAAAAABA&ut=Ag&h=Ag&mec=__e24&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=26&u=AgAAAAAIAAAAAIAAAAAAAABA&ut=Ag&h=Ag&mec=__e24&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=26&u=AgAAAAAIAAAAAIAAAAAAAABA&ut=Ag&h=Ag&mec=__e24&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:25:52 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=28&u=AgAAAAAIAAAAAIAAAAAAAABA&ut=Ag&h=Ag&mec=__e26&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=28&u=AgAAAAAIAAAAAIAAAAAAAABA&ut=Ag&h=Ag&mec=__e26&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=28&u=AgAAAAAIAAAAAIAAAAAAAABA&ut=Ag&h=Ag&mec=__e26&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:25:52 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=29&u=AgAAAAAIAAAAAIAAAAAAAABA&ut=Ag&h=Ag&mec=__e28&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=29&u=AgAAAAAIAAAAAIAAAAAAAABA&ut=Ag&h=Ag&mec=__e28&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-9JTVKL1Z3C&v=3&t=t&pid=803648371&cv=2&rv=44f0&tc=16&es=1&e=*&eid=29&u=AgAAAAAIAAAAAIAAAAAAAABA&ut=Ag&h=Ag&mec=__e28&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 04:25:53 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z8811578897za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=6&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=Engagement&tfd=12334

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z8811578897za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=6&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=Engagement&tfd=12334
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z8811578897za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=6&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=Engagement&tfd=12334 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Tue, 16 Apr 2024 04:25:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z878323495za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=7&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=Engagement&tfd=17336

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z878323495za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=7&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=Engagement&tfd=17336
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNY6AU/?cake_s1=04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44f0v9122066590z878323495za200&_p=1713241542429&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=881366377.1713241543&ul=en-us&sr=1280x1024&pscdl=noapi&_s=7&sid=1713241542&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNY6AU%2F%3Fcake_s1%3D04_142724061_bba220e3-786e-48d4-a22b-1796d4e8ea25%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=Engagement&tfd=17336 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Tue, 16 Apr 2024 04:25:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

verifiedwebpage.com/go?ehash=741682c1082800f73856ceda30099bbe&product=2618&ar=55&cid=2551&lid=1610&slhash=f932daa7f6071a68315d39ab4ad6bf98&mtaid=mpmta&cid2=[s8]

104.18.21.187

302 Found

0 B

URL User Request GET HTTP/2
verifiedwebpage.com/go?ehash=741682c1082800f73856ceda30099bbe&product=2618&ar=55&cid=2551&lid=1610&slhash=f932daa7f6071a68315d39ab4ad6bf98&mtaid=mpmta&cid2=[s8]
IP
104.18.21.187:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedwebpage.com
FingerprintB6:7C:0D:93:CD:D6:56:A3:74:B9:46:38:F0:C7:A5:31:BC:5F:AF:56
ValidityWed, 10 Apr 2024 21:43:08 GMT - Tue, 09 Jul 2024 21:43:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go?ehash=741682c1082800f73856ceda30099bbe&product=2618&ar=55&cid=2551&lid=1610&slhash=f932daa7f6071a68315d39ab4ad6bf98&mtaid=mpmta&cid2=[s8] HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 16 Apr 2024 04:25:38 GMT
content-type: text/html; charset=UTF-8
location: http://470kwc1.com/clk.trk?CID=443820&AFID=430135&SID=3415447649292138046
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: User-Agent
cf-cache-status: DYNAMIC
set-cookie: PHPSESSID=b5722a1b1aabc4b1e6c66ed8bbff52f4; path=/
pixel_session_hash_2618=3415447649292138046; expires=Thu, 16-May-2024 04:25:37 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_2618=567ce0ed11e8d7548b09201ead175396bacb5f9f26b8dc75f8600f2bf19987d5; expires=Thu, 18-Apr-2024 04:25:37 GMT; Max-Age=172800
__cf_bm=.QB6lDpS.59TGKlW2fGregUFYnXl6ZmRsqyT9Y9xw3M-1713241538-1.0.1.1-RI1mpO6JOj92mTbXa3mNcl_tnF9S4m5D9tzZd2KfrRWIFF7pMWCABftu6sxqjh9Jd..7Hq.IfbGM8efZCahS1w; path=/; expires=Tue, 16-Apr-24 04:55:38 GMT; domain=.verifiedwebpage.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8751699bdc220b31-OSL
X-Firefox-Spdy: h2

go.goodlifestylenews.com/bidenbucks06/741682c1082800f73856ceda30099bbe/55/leadsource/2551/1610/f932daa7f6071a68315d39ab4ad6bf98/mpmta

172.67.172.49

302 Found

0 B

URL User Request GET HTTP/2
go.goodlifestylenews.com/bidenbucks06/741682c1082800f73856ceda30099bbe/55/leadsource/2551/1610/f932daa7f6071a68315d39ab4ad6bf98/mpmta
IP
172.67.172.49:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bidenbucks06/741682c1082800f73856ceda30099bbe/55/leadsource/2551/1610/f932daa7f6071a68315d39ab4ad6bf98/mpmta HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 16 Apr 2024 04:25:37 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=741682c1082800f73856ceda30099bbe&product=2618&ar=55&cid=2551&lid=1610&slhash=f932daa7f6071a68315d39ab4ad6bf98&mtaid=mpmta&cid2=[s8]
cache-control: max-age=600
expires: Tue, 16 Apr 2024 04:35:37 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TiEo96K6fVCD%2Bx5lQeRKUd338IoPBE89Vfjt9THOSEVBdy0AK8vLa2rb1OEYwEtUDFEmHTv%2FMCh47h5Xy8yIjJSUndOLgjcN62dNMOCinHT%2BcT7XhU%2BcCBf13zUwSSB%2FBZSute2%2F5hwzkaw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87516997693ab523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML